Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Install the Signature Database on Devices

Users with the Tenant Administrator role can install the active signature database on one or more devices. Signatures must be present on the device for application firewall or intrusion prevention system (IPS) features to be used. If you do not install the signature database on a device, the deployment of IPS profiles or application firewall will fail.

Note:

Before you install the signature database on the device, ensure that the IPS license is installed on the device. If the IPS license is not installed, only the application signatures will be installed when the signature database installation is triggered.

You can install the signature database on NFX150, NFX250, SRX Series, and vSRX devices.

To install the active signature database:

  1. Select Administration > Signature Database.

    The Signature Database page appears.

  2. Click Install Signatures.

    The Install Signatures page appears, displaying the signature database version and the devices on which you can install the signature database.

  3. Select the check boxes corresponding to the devices on which you want to install the signature database.

    You can also search for, filter, or sort the devices that are displayed.

  4. From the Type field:

    • Select Run now to trigger the installation of the signature database immediately.

    • Select Schedule at a later time to install the signature database later, and specify a date and time at which you want the installation to be triggered.

  5. Click OK.

    • If you specified that the database must be installed immediately, a job is triggered. In the Job Tasks page that appears, the tasks associated with the signature database installation are displayed. Click OK to exit and return to the Signature Database page.

    • If you specified that the database must be installed later, a job is triggered and you are returned to the Signature Database page. A confirmation message (with the job ID) is displayed at the top of the page.

Note:

In addition to using the predefined signatures present in the database, you can add and use the following:

  • Customized application signatures and signature groups on the Application Signatures page (Configuration > Application Signatures in Administration Portal or Configuration > Shared Objects > Application Signatures in Customer Portal).

    For more information, see the About the Application Signatures Page topics in the CSO Administration Portal User Guide and the CSO Customer Portal User Guide (available on the CSO Documentation page).

  • Customized IPS signatures, static groups, and dynamic groups on the IPS Signatures page (Configuration > IPS > IPS Signatures in Customer Portal).

    For more information, see About the IPS Signatures Page in the CSO Customer Portal User Guide.

Depending on whether you’re deploying SD-WAN or NGFW, see CSO SD-WAN Deployment Workflow or CSO Next-Generation Firewall (NFGW) Deployment Workflow.